crls
Creates, updates, deletes or gets a crl resource or lists crls in a region
Overview
| Name | crls |
| Type | Resource |
| Description | Definition of AWS::RolesAnywhere::CRL Resource Type |
| Id | awscc.rolesanywhere.crls |
Fields
- get (all properties)
- list (identifiers only)
| Name | Datatype | Description |
|---|---|---|
crl_data | string | |
crl_id | string | |
enabled | boolean | |
name | string | |
trust_anchor_arn | string | |
tags | array | |
region | string | AWS region. |
| Name | Datatype | Description |
|---|---|---|
crl_id | string | |
region | string | AWS region. |
For more information, see AWS::RolesAnywhere::CRL.
Methods
| Name | Resource | Accessible by | Required Params |
|---|---|---|---|
create_resource | crls | INSERT | Name, CrlData, region |
delete_resource | crls | DELETE | Identifier, region |
update_resource | crls | UPDATE | Identifier, PatchDocument, region |
list_resources | crls_list_only | SELECT | region |
get_resource | crls | SELECT | Identifier, region |
SELECT examples
- get (all properties)
- list (identifiers only)
Gets all properties from an individual crl.
SELECT
region,
crl_data,
crl_id,
enabled,
name,
trust_anchor_arn,
tags
FROM awscc.rolesanywhere.crls
WHERE
region = 'us-east-1' AND
Identifier = '{{ crl_id }}';
Lists all crls in a region.
SELECT
region,
crl_id
FROM awscc.rolesanywhere.crls_list_only
WHERE
region = 'us-east-1';
INSERT example
Use the following StackQL query and manifest file to create a new crl resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO awscc.rolesanywhere.crls (
CrlData,
Name,
region
)
SELECT
'{{ crl_data }}',
'{{ name }}',
'{{ region }}';
/*+ create */
INSERT INTO awscc.rolesanywhere.crls (
CrlData,
Enabled,
Name,
TrustAnchorArn,
Tags,
region
)
SELECT
'{{ crl_data }}',
'{{ enabled }}',
'{{ name }}',
'{{ trust_anchor_arn }}',
'{{ tags }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: crl
props:
- name: crl_data
value: '{{ crl_data }}'
- name: enabled
value: '{{ enabled }}'
- name: name
value: '{{ name }}'
- name: trust_anchor_arn
value: '{{ trust_anchor_arn }}'
- name: tags
value:
- key: '{{ key }}'
value: '{{ value }}'
UPDATE example
Use the following StackQL query and manifest file to update a crl resource, using stack-deploy.
/*+ update */
UPDATE awscc.rolesanywhere.crls
SET PatchDocument = string('{{ {
"CrlData": crl_data,
"Enabled": enabled,
"Name": name,
"TrustAnchorArn": trust_anchor_arn,
"Tags": tags
} | generate_patch_document }}')
WHERE
region = '{{ region }}' AND
Identifier = '{{ crl_id }}';
DELETE example
/*+ delete */
DELETE FROM awscc.rolesanywhere.crls
WHERE
Identifier = '{{ crl_id }}' AND
region = 'us-east-1';
Permissions
To operate on the crls resource, the following permissions are required:
- Create
- Read
- Update
- Delete
- List
rolesanywhere:ImportCrl,
rolesanywhere:TagResource
rolesanywhere:GetCrl,
rolesanywhere:ListTagsForResource
rolesanywhere:EnableCrl,
rolesanywhere:DisableCrl,
rolesanywhere:UpdateCrl,
rolesanywhere:TagResource,
rolesanywhere:UntagResource,
rolesanywhere:ListTagsForResource
rolesanywhere:DeleteCrl
rolesanywhere:ListCrls,
rolesanywhere:ListTagsForResource